Zero Day Initiative Advisory 11-062 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Calendar Manager RPC Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CMSD server (rpc.cmsd) which listens by default on UDP port 32768. The process does not properly handle large XDR-encoded ASCII strings to RPC call 10 followed by RPC call 6. This can be abused by an attacker to overflow a buffer on the remote host. Successful exploitation can result in arbitrary code execution.
e333491f06c3f009392877345815035c65e8bdd0ce06fa7f31c26f9dcea3dba7UMI.CMS version 2.8.1.2 suffers from a cross site request forgery vulnerability.
15d97afa3cf1ffbf47b8e93451a2b1be74b9c6d1fcc3f2116ea3790664b345e7HP Security Bulletin HPSBMA02629 SSRT100381 - A potential security vulnerability has been identified with HP Power Manager (HPPM) running on Linux and Windows. The vulnerability could result in a cross site request forgery (CSRF) leading to unauthorized administrative access. Revision 1 of this advisory.
c6f96568bfb1b6896c9080a37e2991323c407220c28eb22e9a4b80657fd59940HP Security Bulletin HPSBST02630 SSRT1000385 - A potential security vulnerability has been identified with HP StorageWorks X9000 Network Storage Systems. This vulnerability could be exploited to allow remote unauthenticated access to the accounts with expired passwords. Revision 1 of this advisory.
133628d55fdf648aaa695254c651e53922d786d97f472f039538ea26d341b44711 bytes small MessageBox shellcode for Win32/XP Pro SP3.
cdd51f07b8965c7a4cd478c9a06160bf78924eb9d837fd7bba558ffa1fff2ffcMandriva Linux Security Advisory 2011-023 - Heap-based buffer overflow in the sql_prepare_where function in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.
515d49dc9513a1f6586e829388a19b81f06513f924d43218ea4eac91318d6fd7UMI.CMS version 2.8.1.2 suffers from multiple cross site scripting vulnerabilities.
7721bfc0e2f2065debe395781af5f7aa11f014b5e36424f050aa7ec2c3effd73adsuck is a small DNS server that spoofs blacklisted addresses and forwards all other queries. The idea is to be able to prevent connections to undesirable sites such as ad servers, crawlers, etc. It can be used locally, for the road warrior, or on the network perimeter in order to protect local machines from malicious sites.
e7851d1beac311f336d308cac45b2a483b5032ac03a7e9cd35e9d4c2ef6c300eModel Agentur Script suffers from a remote SQL injection vulnerability.
ef48c4dd4a480e31bdb158ccfd38f8fd55aac3ce73e726a0fdfcbf613165dfd8AoA MP4 Converter version 4.1.0 suffers from an active-x related stack overflow vulnerability.
4d51b4dca9a734a9dee704fc40ee8a7c19b4c3da24561d8bbc28a17cbabece2fAoA DVD Creator version 2.5 suffers from an active-x related stack overflow vulnerability.
7faa250a6820a6d4e4dacd3e35aa35a5108af11a98794a149e977db66b11f5f5VMware Security Advisory 2011-0002 - Updated versions of the Cisco Nexus 1000V virtual switch address a denial of service in VMware ESX/ESXi.
f7fb2874766eafff4cbc31b572f60590002f62083f57c442c95b8355c3c13bdaThe administrative interface in code from "Powered by Nilson Solution, India" appears to suffer from a remote SQL injection vulnerability that allows for authentication bypass.
d6b182123362a85a05227586b30896189654f2a52fb6abb5a0a83a202d7d2e21OpenSSL Security Advisory 20110208 - Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message.
3db6ab2a088940be9ca5f4911b7eb0e19ae17309a7ff07ca88cd66bf66a8ee51Secunia Security Advisory - A vulnerability has been reported in EMC Networker Module for Microsoft Applications, which can be exploited by malicious people to compromise a vulnerable system.
36c0f9d3700a1cd2574305309f95736726d803f78df60c6c9fdb663a6f3ea49fSecunia Security Advisory - A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
ebb4b90d926d9b28384ccadf638913dd25d5975105b47d10601c2f0294049611Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
ec5d88303c0a6e1d8e1354b68ae8c184faee7989aac11dfacff466d9e0471932John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.
4b8b8f3ddb904ec93ed94335cbe1267ec509403e9c22467167e18259f7d7202aSecunia Security Advisory - HD Moore has reported multiple vulnerabilities in Accellion File Transfer Appliance, which can be exploited by malicious, local users to disclose sensitive information and gain escalated privileges and by malicious users and malicious people to compromise a vulnerable system.
1f052e71d3c42be89da41ca1395232fcf10740cbd2841d1ce266870bf0b37457Secunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious users to compromise a vulnerable system.
78b756201d9cf15fe71e49f1adaf38d5dc95a309521f307e600603d82b4f92c9Secunia Security Advisory - A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
970688027d5d79ef155b9aae62e98c5075293578c116dc3a0bc9baa2179a62bdSecunia Security Advisory - A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
589d3bd1ad7f38cba74111a28591b88b9d5f979c03019545a01689d872059866Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information.
f10eba51fe0a9857b5bb9808a8fe672d15023d608cf54f1aba7ea3dde624fbd9Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to bypass certain security restrictions.
abaa8c0a33b9fae57a60c64f8b8cc7120fd44e3238fcd284e015614fb906d650Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Domino, which can be exploited by malicious people to compromise a vulnerable system.
2fa9a13210233822469324788d779a07dfe6fe7c55f7458f44bd81743c83efd1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed